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5 This application claims the benef,, of the fling date of the Provisional U.S. 

Paten, Application entUled "METHOD FOR STANDARDIZING THE USE OF ISO 
78 16 SMART CARDS IN RECEIVERS PERFORMING CONDITIONAL ACCESS", 
application number 60/197,147, filed April 14, 2000. 



10 pifi n OF THE I NVENTION 

The present invention pertains to the field of conditional access mechanisms. 
More particularly, the present invention .elates ,0 standard* i„g the use of ISO 7816 
smart cards in conditional access systems. 



15 u a nrr.ROl TNP P" ™* INVENTION 

m applications, appliances, computer systems, or other systems where data 
ani ,or signals are scaled, encrypt or protected, there is often a control mechanism 
,„ allow the descrambling, decryption, or decoding of such data and/or signals. Th,s 
control mechanism is often referrcd to as a conditional access (CA) system or modu.e. 
20 TheCAsystemmayconsistofseveralmcxiu.esmatperfonnfunction, Someofthe 



functions may l 



. be performed on a card which may be inserted into a system or slot. One 

mutational Association (PCMCIA). Smart cards have severa, standards, one ,s 
rntemanona, Organ.za.ion for Standardization (ISO) 7816. Reference will be made to 
25 mis specification as ISO 78.6. PCMCIA cards have severa, standards, one is Type 2. 
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Reference to a smart card is to be understood to refer to the ISO 7816 standard unless 

stated otherwise. Reference to a PCMCIA card is to be understood to refer to the 

PCMCIA Type 2 standard unless stated otherwise. 

There are several standards for conditional access systems. In the U.S., one such 

5 standard is the National Renewable Security Standard (NRSS). The NRSS has defined 

two types of CA modules, a NRSS part A module (NRSS-A) with a smart card form 

factor, and NRSS Part B (NRSS-B) with a PCMCIA form factor. In the U.S. some 

other standards are OpenCable™ Host Point Of Deployment Interface Specification 

^ (POD), and Conditional Access System for Terrestrial Broadcast (ATSC-A70). In 

?p. 10 Europe, Digital Video Broadcasting (DVB) organization has defined a CA module 

r| similar to NRSS Part B called "Common Interface" (CI). 

\J One of the challenges facing manufacturers building devices that have 

s conditional access capability is that they want a standardized method for communicating 

p to CA modules. NRSS Part A, which uses the smart card form factor, has technical 

15 implementation issues. NRSS part B modules, which are PCMCIA form factor, are 

b ^ expensive, and have some technical issues as well. Devices that may accept a CA 

module include, but are not limited to, televisions (TVs), video cassette recorders 

(VCRs), personal video recorders (PVRs), home jukebox players, set top boxes (STB) 

for terrestrial broadcast, cable, or satellite, etc. Manufacturers want the CA interface 

20 standardized so that the devices can be built in a generic way. The NRSS-A CA card is 

not a typical ISO 7816 smart card, and NRSS-A cards are not readily available. 

A device (set top box, TV, VCR, etc.), which has both a CA interface for an ISO 

7816 smart card, and a POD module typically has two separate interface protocols. 

Different CA protocols for different types of CA modules adds to the complexity of the 
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SUMMARY OF THE INVENTION 

A conditional access system and method are disclosed allowing the use of a 
standard smart card. A computing resource configured to run the conditional access 
protocol has a smart card interface and a software wrapper configured to run on the 
computing resource coupling the smart card interface to the conditional access protocol. 
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BRIEF DESCRIPTION OF THE DRAWINGS 

The present invention is illustrated by way of example and not limited by the 
figures of the accompanying drawings in which like references indicate similar elements 
and in which: 

Figure 1 is an illustration of a prior art conditional access system; 
Figure 2 illustrates a block diagram of one embodiment of the present invention; 
Figure 3 illustrates another embodiment of the present invention; 
Figure 4 illustrates signal flow in another embodiment of the present invention; 
Figure 5 illustrates resources in one possible embodiment of a conditional access 
system; and 

Figure 6 illustrates information flow in another embodiment of a conditional 
access system. 
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DETAILED DESCRIPTION 

A method and apparatus for using a standard smart card in a conditional access 

system is described. References will be made to communications, links, pathways, etc., 

and it is to be understood that what these terms refer to is information being transferred. 

5 This information being transferred may be in the form of a signal, a series of signals, 

data, or streams of data. The actual mechanism for the transfer of the information is not 

critical to the description or understanding of the present invention and may take the 

form of wired, wireless, busses, optical, or other transmission medium. 

Computing resources may be referred to as well as executing programs, 

10 coupling, and routing data and/or signals in software. What is to be understood is that a 

computing resource, such as a microprocessor, is executing a series of instructions, 

which are causing these operations to occur. For example, the routing of signals and/or 

data may consist of presenting computing results to a memory location, a stack, an 

electrical bus structure, etc. 

15 Likewise, reference is made to application programming interfaces (API). It is 

to be understood that an API is one of several methods to gain access to computing 

resources. The API may consist of software, hardware, or a combination of hardware 

and software. For example, a software API may consist of a call routine. An API 

involving hardware may consist of an interrupt request. 

20 Figure 1 is an illustration of a prior art conditional access system. In Figure 1 

the conditional access (CA) system 100 has three major blocks, a host 102, a CA 

module 1 10, and a smart card 130. Coming from the host 102 is a data stream 106, 

which may be scrambled. The data stream 106 enters a descrambler 1 12 in the CA 

module 1 10 and produces a descrambled output 1 14. The descrambled output 1 14 may 
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then enter an optional copy protection 1 16 block and be sent as a copy protected stream 
108 to the host 102 where it is received by a copy protection block 104 in the host 102. 
The copy protection 1 16 in the CA module 1 10 and the copy protection 104 in the host 
102 are optional blocks. For example, at this time the DVB organization has not 
5 specified a copy protection method. Smart card 130 communicates with the CA module 
1 10 via link 126 with a smart card interface 124. The smart card interface 124 
communicates to the central processing unit (CPU) 120 via communication link 122. 
The CPU 120 interfaces with the descrambler 1 12 via pathway 1 18. 

An example of an operational sequence would be the host 102 sending a 
g 10 scrambled data stream 106 to the descrambler 112. The descrambler 112 may then 
6 communicate via 1 12 to the CPU 120 a request for a CA code word required for the 

y descrambler 1 12 to descramble the scrambled data stream 106. The CPU 120 may then 

^ communicate via link 122 the request to the smart card interface 124, which in turn 

^ communicates via link 126 with the smart card 130. The smart card 130 may then 

'?% 15 communicate back to the smart card interface 124 via link 126 the requested 
3 information. This information is then communicated via link 122 to the CPU 120 and 

then through pathway 118 to the descrambler 112, which then uses the information to 
descramble the signal. This descrambled signal 114 then may optionally pass through 
copy protection 1 16. The signal is then communicated from the CA module 1 10 
20 through link 108 to the host 102 where it may optionally pass through a copy protection 
104. 

Figure 2 illustrates a block diagram of one embodiment of the present invention. 
In this embodiment, the CA system 200 has two major blocks, a host 202, and a smart 
card 230. The smart card 230 communicates via link 226 with the smart card interface 
80398.P323 7 



224. The smart card interface 224 communicates via link 222 with the CPU 220. The 
CPU 220 communicates via link 218 with the descrambler 212. The descrambler 212 
may receive a scrambled data stream 206 and may descramble it providing a 
descrambled data stream 214. 
5 As can be seen from the prior art as illustrated in Figure 1 and one embodiment 

of the present invention as shown in Figure 2, the functionality of the CA module 1 10 in 
Figure 1 is being substantially performed by the host 202 in Figure 2. Thus, for 
example, the descrambler function in the prior art, which was performed in a CA 
module 1 10, may in the present invention be performed substantially by the host 202. 

10 Thus, the host may be required to perform replacement functions for some of the 
functionality that the CA module 1 10 in the prior art performed. 

Figure 3 illustrates another embodiment of the present invention. An existing 
conditional access protocol 310 interfaces with a software wrapper 320 which interfaces 
to a smart card interface 330. The CA protocol 310, may be for example, an industry 

15 standard protocol conforming to a spec, such as the NRSS-B. The software wrapper 
320 presents to the CA protocol 310 the proper signals and/or data such that the NRSS- 
B protocol is met. That is, the CA protocol 310 does not have to be modified to work 
with a smart card because the software wrapper 320 performs those functions that in 
combination with the smart card fully meet the CA protocol 310. The actual interface of 

20 the software wrapper 320 to the CA protocol 310 may, for example, be through an 
application programming interface (API) of the CA protocol 310. Functions that the 
software wrapper 320 may need to perform in order to allow the smart card interface 
330 to operate and/or interface to the CA protocol 310, may for example include, but are 
not limited to such functions as demultiplexing of entitlement management mode 
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(EMM) messages, entitlement control messages (ECM), service information (SI), etc. 
Additionally the software wrapper 320 may need to load descrambling keys into a 
descrambler. 

It is to be understood that the specific implementation of the smart card interface 
5 330, the software wrapper 320, and the CA protocol 310, may all be in software, 
hardware, or a combination of software and hardware. For example, the CA protocol 
310, and software wrapper 320 may be software programs executing on a host's 
resources such as a CPU, memory, non-volatile storage, etc. The smart card interface 
330, may for example, be implemented in hardware and may consist of something as 

yu 10 simple as a receptacle for a smart card to plug into. The smart card may be more 

5 

complicated and consist of, for example, a microprocessor based controller interfaced to 
a wireless transmitter and receiver for communication with a smart card. 

Figure 4 illustrates signal flow in another embodiment. Figure 4 illustrates 
transform functions 414 being used to interface a smart card interface 410 and a 
g 15 conditional access (CA) applications programming interface (API) 418. CA API 418 
ft may issue information 420 in the form of signals and/or data that requires a response for 

the CA protocol to operate. The information 420 is received by the transform functions 
414, which depending upon the response required may route the information to different 
destinations. In one instance the information 420 received by the transform functions 
20 414 may be routed unaltered as information 422 to the smart card interface 410. 

Alternatively, information 420 received by the transform functions 414 may be routed 
after some transformation as information 422 to the smart card interface 410. In another 
instance the information 420 received by the transform functions 414 may be locally 
transformed to meet the CA API and then sent as information 416 to the CA API 418. 
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In yet a third instance, there may be a combination of transformations being performed 
by the transform function 414, with some information 422 being sent the smart card 
interface 410, and other information being sent after local transformation as information 
416 to the CA API 418. 

Information 412 received from the smart card interface 410 by the transform 
functions 414 may likewise have several destinations. Information 412 received from 
the smart card interface 410 by the transform functions 414 may be passed straight 
through from transform functions 414 as information 416 to the CA API 418. 
Information 412 received from the smart card interface 410 by the transform functions 
414 may be transformed locally by the transform functions 414 and used locally in 
combination with other transform results and then may be sent as information 416 to the 
CA API 418, or it may be transformed by transform functions 414 and then sent as 
information 416 to the CA API 418, or it may be sent unaltered as information 416 to 
the CA API 418, or it may be used locally by the transform functions 414 and not sent 
on, or a combination of these operations is possible. 

The transformation of the information by transform functions 414 may be via 
software, hardware, or a combination of hardware and software. For example, a simple 
hardware transformation may be inverting the polarity of a signal received from the CA 
API 418. A simple software transformation may be reformatting a smart card status 
signal received from the smart card interface 410 into a format compatible with the CA 
API 418. Transform functions 414 therefore is to be understood to provide those 
transformation of information, signals, and/or data such that the transform functions 414 
receives information 420 from and sends information 416 to the CA API 418 such that 
the CA API 418 needs no modifications to operate. Likewise, transform functions 414 
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is to be understood to provide those transformation of information, signals, and/or data 
such that the transform functions 414 sends information 422 to and receives information 
412 from the smart card interface 410 such that the smart card interface 410 needs no 
modifications to operate. 
5 Figure 5 illustrates resources in one possible embodiment of a conditional access 

system. In a CA system 500, computing resources 502 may consist of, but are not 
limited to, a CPU, memory, hardware, non-volatile storage, interfaces, etc. Operating 
system (OS) 504 may consist of, but is not limited to, a standard OS such as Unix, a 
custom OS, or a combination. Conditional access 506 may consist of, but is not limited 

10 to, a standard CA protocol such as NRSS, POD, ATSC-A70, CI, etc. The CA 506 may 
have a driver API 507 for interfacing. Such an interface, for example, may be a 
PCMCIA. Wrapper 508 may consist of hardware, software, or a combination of these. 
Proprietary interface (I/F) 509 may consist of, but is not limited to, legacy code, legacy 
support, special features, API's, etc. Smart card interface 510 may consist of, but is not 

15 limited to, hardware and/or software providing support and interfacing to an ISO 7816 
smart card. 

In the example of CA system 500 as shown in Figure 5, resources such as OS 
504, CA 506, driver API 507, wrapper 508, proprietary I/F 509, and smart card interface 
510 that are in contact with each other have access to those resources. For example, the 
20 OS 504, CA 506, driver API 507, wrapper 508, proprietary I/F 509, and smart card 

interface 510 all have access to computing resources 502. Smart card interface 510 has 
access to computing resources 502, proprietary I/F 509, and wrapper 508. 

In one embodiment of Figure 5, for example, computing resources 502 may 

consist of a host computer in an OpenCable™ compliant set top box or television. The 
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OS 504 may be a version of Linux. CA 506 may be OpenCable™ POD, and driver API 
507 may be the PCMCIA API interfacing to OpenCable™ POD. Wrapper 508 may be 
software, proprietary I/F 509 may be legacy support for a smart card, and smart card 
interface 510 may be an interface to an ISO 7816 smart card. 
5 Proprietary I/F 509 may, but is not limited to, providing support for a smart card 

interface 510 that is non-standard, or providing functional capabilities. That is, recall 
that some functions previously performed by a CA module separate from a host (see 
Figure 1, CA module 1 10, and host 102) may now be performed by the host (see Figure 
2, host 202). Thus, the wrapper 508 by interfacing with the proprietary I/F 509 and the 
10 CA 506, may provide support for functions and/or non-standard interfaces to smart 
cards. For example, a manufacturer may have developed a system with a proprietary 
Sj interface to a smart card, yet now wants to use a standard CA protocol. In such a 

yi 

= situation, the best approach may be to use some or all of the originally designed 

O functionality rather than totally redesigning the system. Wrapper 508 may provide the 

M 15 interfacing needed between the proprietary I/F 509 and the CA 506. That is, the 

M manufacturer by using the present invention may couple their smart card proprietary 

interface to an industry standard conditional access protocol. 

Figure 6 illustrates information flow in another embodiment of a conditional 

access system. Figure 6 shows a CA system 600 indicating information, data, and/or 

20 signal flows denoted by arrows. Each block, by necessity for clarity, is a high level 

representation of the function and may include hardware and/or software. For example, 

hardware (HW) block 602 refers to computing resources such as a CPU, memory, 

storage, etc. HW 602 is capable of communicating directly with a conditional access 

(CA) 604 block, a software interface (SW I/F) 606 block, and a wrapper 608 via 
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communication link 612. HW 602 is also capable of communication with smart card 
interface (SC I/F) 610 block via link 616. CA 604, SW I/F 606, and wrapper 608 can 
communicate with SC I/F via link 614. Additionally, CA 604, SW I/F 606, and wrapper 
608 are connected to each other and may communicate with each other as indicated by 
the arrows showing such connection to each other. 

While the above embodiment examples illustrate some possible configurations, 
it is to be understood that one practiced in the art may implement the functions in a 
variety of ways. For example, the transformation functions that enable a smart card to 
interface to an existing CA protocol may be implemented by dedicated proprietary 
software and/or hardware, or may be standardized as an API. These APFs may be 
viewed as providing replacement functions that are necessary to interface between a 
standard smart card, such as an ISO 7816 smart card, and a standard CA protocol API, 
such as the NRSS-B PCMCIA API. The transformation functions may be also be 
implemented within an integrated circuit (IC), a processor or series of processors 
executing code, a dedicated controller or controllers, etc. Different CA protocols may 
be established in the future, which with the proper interfacing will allow the use of a 
smart card. 

Likewise, it is to be understood that references to specifications or standards, 
such as NRSS-B, ISO 7816, etc., does not imply that the present invention requires a 
full and complete implementation of the entirety of a referenced specification or 
standard to be operable. For example, an ISO 7816 smart card interface is a smart card 
interface that complies substantially with ISO 7816 such that there is a minimum 
operable state of functionality allowing operation for the intended purpose or purposes. 
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Thus, a method and apparatus for allowing the use of a standard smart card in a 
conditional access system have been described. Although the present invention has 
been described with reference to specific exemplary embodiments, it will be evident that 
various modifications and changes may be made to these embodiments without 
departing from the broader spirit and scope of the invention as set forth in the claims. 
Accordingly, the specification and drawings are to be regarded in an illustrative rather 
than a restrictive sense. 
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